NEWARK, NJ—Have you recently received a large number of strange and unexplained calls on your mobile or landline telephones? The FBI is warning consumers about a new scheme that uses telecommunications denial-of-service attacks as a diversion to what is really happening: the looting of bank and online trading accounts.

The Scheme

The scheme is known as telephony denial-of–service (TDOS) and according to several telecommunications companies working with the FBI, there has been a recent surge of these attacks in the past few weeks. The perpetrators are suspected of using automated dialing programs and multiple accounts to overwhelm the land and cell phone lines of their victims with thousands of calls. When the calls are answered, the victim may hear anything from dead air (nothing on the other end), an innocuous recorded message, an advertisement, or even a telephone sex menu. The calls are typically short in duration but so numerous that victims have had to have their numbers changed to make the calls stop.

The FBI has determined that these calls serve as a diversionary technique. During these TDOS attacks, online trading and other money management accounts are being accessed by the perpetrators who are transferring funds out of those accounts. The perpetrators will obtain account information of their victims in some way and then contact the financial institutions to change their victims’ profile information such as email addresses, telephone numbers and bank account numbers. The purpose of the malicious phone calls is to occupy the victim phone numbers on record with the financial institutions managing the accounts so that when the institutions contact the victim to verify the changes and transactions, the institution is unable to reach the victim. Consequently, the victim has no idea what has really transpired until it’s too late.

What is Being Done About It?

The FBI first learned of this scheme through one of its partnerships with private industry. In November of 2009, a semi-retired dentist in St. Augustine lost as much as $400,000 from his retirement account through telephony DOS. (See the article at http://staugustine.com/node/5477.) Law enforcement discovered VOIP (Voice over Internet Protocol) accounts created by a single user that paired the accounts with automatic dialing tools to dial a large volume of computer-generated calls per minute, all directed toward the business, home, and mobile telephone numbers of the victim dentist. Those VOIP accounts were terminated, but the perpetrators of the scheme were never identified. AT&T, which has a strong working relationship with the FBI, enlisted the help of FBI Newark’s Cybercrime squad.

“Following that first incident in November 2009, we’ve recently seen an increase in this activity targeting our customers across the country,” said Adam Panagia, Associate Director of Global Fraud Management for AT&T.

Last month, the Communication Fraud Control Association (CFCA) invited the FBI to become its official law enforcement liaison. Headquartered in Roseland, New Jersey, the idea of the CFCA was conceived in February of 1985 when a group of communications security professionals from AT&T, ITT, MCI, Network One, SBS, and Sprint met to establish a cooperative effort to combat the growing problem of communications fraud. CFCA has since expanded its membership to include all areas of communication providers (such as AT&T, PAETEC, and Verizon to name a few) and end users and even includes members of law enforcement. The FBI and CFCA are now working together to analyze the patterns and trends of TDOS to prevent attacks, educate the public, and ultimately identify the perpetrators and bring them to justice. “The cooperation between PAETEC and the FBI has been tremendous,” said Robert Moore, CIO at PAETEC, a business communications firm headquartered in Fairpoint, New York. “It’s only with a true partnership between service providers and law enforcement that we can make a real impact in protecting businesses and private citizens from the growing criminal threats we’ve been seeing over the past years. It’s also the reason that for more than ten years, we’ve employed a highly-trained team of voice security professionals to identify and stop these attacks in progress while working with law enforcement to protect customers.”

Victims don’t immediately think to contact law enforcement because to them, the numerous phone calls appear to be a technical issue with the telephone carrier and not a criminal threat. “With the advent of Voice over IP and the newest technologies in phone service, criminal attacks on businesses using those platforms have become increasingly sophisticated,” said Moore. One trend that the FBI sees with the malicious phone calls is that when they are answered, many of the victims report hearing a recorded advertisement for an American car company with an announcer having an Asian accent. The other prominent trend is hearing a telephone sex “menu” when answering one of these calls.

How to Protect Yourself

Protection from TDOS attacks requires consumers to be proactive. “Although unsolicited telephone calls are not always representative of fraud, the FBI believes it is important to advise the public of this scheme,” said Michael B. Ward, Special Agent In Charge of the FBI’s Newark division. “Consumers should continue to emphasize strong security procedures for all financial accounts, including placing fraud alerts on all of their financial accounts and with the major credit bureaus if they believe they may have been targeted by a TDOS attack or other form of fraud.” Passwords for online and telephonic banking should be changed regularly and frequently. People should obtain their credit report annually and review it for fraudulent activity.

Adam Panagia of AT&T offered this advice: “We urge anyone who suspects they may be the target of a TDOS attack to immediately contact their telephone provider after notifying their financial institutions.”

This notification should include online trading brokers with whom the victim may have an account. In one recent case, the victim acted early and alerted her financial institutions and was able to successfully thwart an attempt to have money stolen from her accounts. The incident should also be promptly reported to the FBI through www.ic3.gov, the FBI’s online cybercrime complaint center. (The FBI does not necessarily respond to individual complaints registered on ic3.gov. Rather, the information is used to look for trends and patterns. Once those patterns are identified, the victims may be contacted for further information.)